General
Target: 2024-09-13_fcd3267bb69bed3e3aba9087d8cc380b_floxif_hijackloader_mafia
Size: 2.7MB
Sample: 240913-q5eq9asgrm
MD5: fcd3267bb69bed3e3aba9087d8cc380b
SHA1: 7727ad8cc18e6e2f2e9acede2ac5cfe23162fcf9
SHA256: c2bb9d453948dabae47faf866d3bc52290f4bc0da911c4ddeddf43357dbb06b2
SHA512: a621898a9810fbd9d8cfb5b7ba03ba30e12fbd482b47d5af4fab0d5af7e9ad54ea5d2b09d8ef335c4f477c85f24b5ca2dbccb6987e708d95fc3f20fd24657033
SSDEEP: 49152:uaSofyDdWWqJX4hgmvQojZ2toFPVmyN8yrOR23P2yYI1K7B5lcdtH9jR9W/KMZKn:nudE4hzQoMtoFPVmyN8yrOR23O8077l6
Static task: static1
Behavioral task: behavioral1
Sample: 2024-09-13_fcd3267bb69bed3e3aba9087d8cc380b_floxif_hijackloader_mafia.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 2024-09-13_fcd3267bb69bed3e3aba9087d8cc380b_floxif_hijackloader_mafia.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target
2024-09-13_fcd3267bb69bed3e3aba9087d8cc380b_floxif_hijackloader_mafia

Detects Floxif payload

Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.

Loads dropped DLL